diff options
| author | Hiroki Noda <kubo39@gmail.com> | 2020-01-28 04:07:38 +0900 |
|---|---|---|
| committer | Hiroki Noda <kubo39@gmail.com> | 2020-01-28 04:07:38 +0900 |
| commit | 9189b6732646e2af9d0847ef4230aec1d1e61730 (patch) | |
| tree | 5ba6387d71e1dbe899a775eecffa760e9d519116 /openssl/src/ssl | |
| parent | bb1cf5ef1967c1236757dde42c36ce2f1ea1a994 (diff) | |
| download | rust-openssl-9189b6732646e2af9d0847ef4230aec1d1e61730.zip | |
Add NO RENEGOTIATION option
SSL_OP_NO_RENEGOTIATION was added in OpenSSLv1.1.1 and backported to
v1.1.0h.
Diffstat (limited to 'openssl/src/ssl')
| -rw-r--r-- | openssl/src/ssl/mod.rs | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs index 314b734c..58d00be9 100644 --- a/openssl/src/ssl/mod.rs +++ b/openssl/src/ssl/mod.rs @@ -238,6 +238,12 @@ bitflags! { #[cfg(any(ossl102, ossl110))] const NO_SSL_MASK = ffi::SSL_OP_NO_SSL_MASK; + /// Disallow all renegotiation in TLSv1.2 and earlier. + /// + /// Requires OpenSSL 1.1.0h or newer. + #[cfg(ossl110h)] + const NO_RENEGOTIATION = ffi::SSL_OP_NO_RENEGOTIATION; + /// Enable TLSv1.3 Compatibility mode. /// /// Requires OpenSSL 1.1.1 or newer. This is on by default in 1.1.1, but a future version |